Has anyone had success with implementing version parsing for NTLM formats in Zeek? I’ve tried a few times to no avail to record the version of NTLM auth being used in various protocols, but I have had no luck. Has anyone had any luck on this?
Has anyone had success with implementing version parsing for NTLM formats in Zeek? I’ve tried a few times to no avail to record the version of NTLM auth being used in various protocols, but I have had no luck. Has anyone had any luck on this?